PA

a guest
Nov 17th, 2018
set deviceconfig system permitted-ip 172.20.242.0/24
set deviceconfig system service disable-telnet yes
set deviceconfig system login-banner AuthorizedAccessOnly
set network profiles zone-protection-profile Default discard-overlapping-tcp-segment-mismatch yes discard-unknown-option yes tcp-reject-non-syn yes flood tcp-syn enable yes syn-cookies maximal-rate 500
set network profiles zone-protection-profile Default flood icmp enable yes
set network profiles zone-protection-profile Default flood udp enable yes
set network profiles zone-protection-profile Default flood other-ip enable yes
set network profiles zone-protection-profile Default flood icmpv6 enable yes
set network profiles interface-management-profile none
set network interface ethernet ethernet1/3 layer3 interface-management-profile none
set network interface ethernet ethernet1/2 layer3 interface-management-profile none
delete rulebase security rules Any-Any
delete rulebase security rules LAN2DMZ
delete rulebase security rules DMZ2LAN
delete rulebase security rules any2any
set address Private1 ip-range 10.0.0.0-10.255.255.255
set address Private2 ip-range 172.16.0.0-172.16.255.255
set address Private3 ip-range 192.168.0.0-192.168.255.255
set rulebase security rules GoogleDNS action allow from any to any source any destination 8.8.8.8
set rulebase security rules GoogleDNS application dns service application-default
set rulebase security rules DNSoutBlock action allow from LAN to EXTERNAL source any destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules DNSoutBlock action allow from DMZ to EXTERNAL source any destination any
set rulebase security rules DNSoutBlock application dns service application-default
set rulebase security rules NTPandSYSLOGandDNS action allow from LAN to DMZ source any destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules NTPandSYSLOGandDNS action allow from DMZ to LAN source any destination
set rulebase security rules NTPandSYSLOGandDNS application ntp service application-default
set rulebase security rules NTPandSYSLOGandDNS application syslog service application-default
set rulebase security rules NTPandSYSLOGandDNS application dns service application-default
set rulebase security rules NTPandSYSLOGandDNS application ssl service application-default
set rulebase security rules NTPandSYSLOGandDNS application web-browsing service application-default
set rulebase security rules CentOStoUbuntuDB action allow from any to any source 172.20.240.11 destination 172.25.16.23 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules CentOStoUbuntuDB from any source 172.25.16.11
set rulebase security rules CentOStoUbuntuDB application any service any
set rulebase security rules PrivateIPOutNoNo action deny from LAN to External source any destination Private1
set rulebase security rules PrivateIPOutNoNo action deny from LAN to External source any destination Private2
set rulebase security rules PrivateIPOutNoNo action deny from DMZ to External source any destination Private3
set rulebase security rules PrivateIPOutNoNo application any service any
set rulebase security rules PaloAltoOut action allow from LAN to External source 172.20.241.100 destination any
set rulebase security rules PaloAltoOut action allow from LAN to DMZ source 172.20.241.100 destination any
set rulebase security rules PaloAltoOut application paloalto-updates service any
set rulebase security rules PaloAltoOut application dns service any
set rulebase security rules PaloAltoOut application ntp service any
set rulebase security rules Win7External action allow from External to External source 172.31.16.3 destination any
set rulebase security rules Win7External application any service any
set rulebase security rules CentOSin action allow from External to DMZ source any destination 172.25.16.11 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules CentOSin application ssl service application-default
set rulebase security rules CentOSin application web-browsing service application-default
set rulebase security rules 2008DNStoUbuntuDNS action allow from LAN to DMZ source 172.20.241.27 destination 172.20.240.23 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules 2008DNStoUbuntuDNS application dns service application-default
set rulebase security rules DEBIANtoUBUNTU action allow from LAN to DMZ source 172.20.241.39 destination 172.20.240.23 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules DEBIANtoUBUNTU application mysql service application-default
set rulebase security rules DEBIANtoUBUNTU to External destination 172.25.16.23
set rulebase security rules DEBIANtoUBUNTU to DMZ
set rulebase security rules UbuntuDNSto2008DNS action allow from DMZ to LAN source 172.20.240.23 destination 172.20.241.27 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules UbuntuDNSto2008DNS application dns service application-default
set rulebase security rules UbuntuDNSto2008DNS application ntp service application-default
set rulebase security rules UbuntuDNSto2008DNS application active-directory service application-default
set rulebase security rules UbuntuDNSto2008DNS application ldap service application-default
set rulebase security rules UbuntuDNSto2008DNS application ms-ds-smb service application-default
set rulebase security rules UbuntuDNSto2008DNS application msrpc service application-default
set rulebase security rules UbuntuDNSto2008DNS application ms-ds-smb service application-default
set rulebase security rules UbuntuDNSto2008DNS application netbios-ss service application-default
set rulebase security rules UbuntuDNSto2008DNS application netbios-dg service application-default
set rulebase security rules CentOSDNSto2008DNS action allow from DMZ to LAN source 172.20.240.11 destination 172.20.241.27 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules CentOSDNSto2008DNS application dns service application-default
set rulebase security rules CentOSDNSto2008DNS application ntp service application-default
set rulebase security rules CentOSDNSto2008DNS application active-directory service application-default
set rulebase security rules CentOSDNSto2008DNS application ldap service application-default
set rulebase security rules CentOSDNSto2008DNS application ms-ds-smb service application-default
set rulebase security rules CentOSDNSto2008DNS application msrpc service application-default
set rulebase security rules CentOSDNSto2008DNS application netbios-ss service application-default
set rulebase security rules CentOSDNSto2008DNS application netbios-dg service application-default
set rulebase security rules UbuntuDNSin action allow from External to DMZ source any destination 172.25.16.23 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules UbuntuDNSin application dns service application-default
set rulebase security rules DEBIANin action allow from External to LAN source any destination 172.25.16.39 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules DEBIANin application web-browsing service application-default
set rulebase security rules DEBIANin application smtp service application-default
set rulebase security rules DEBIANin application pop3 service application-default
set rulebase security rules DEBIANin application ssl service application-default
set rulebase security rules DEBIANin application imap service application-default
set rulebase security rules 2008DNSin action allow from External to LAN source any destination 172.25.16.27 profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules 2008DNSin application dns service application-default
set rulebase security rules DMZout-CentOS action allow from DMZ to External source 172.20.240.11 destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules DMZout-CentOS application ssl service application-default
set rulebase security rules DMZout-CentOS application ftp service application-default
set rulebase security rules DMZout-CentOS application yum service application-default
set rulebase security rules DMZout-CentOS application github service application-default
set rulebase security rules DMZout-CentOS application git-base service application-default
set rulebase security rules DMZout-CentOS application ssh service application-default
set rulebase security rules DMZout-CentOS application web-browsing service application-default
set rulebase security rules DMZout-Ubuntu action allow from DMZ to External source 172.20.240.23 destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules DMZout-Ubuntu application dns service application-default
set rulebase security rules DMZout-Ubuntu application web-browsing service application-default
set rulebase security rules DMZout-Ubuntu application ssl service application-default
set rulebase security rules DMZout-Ubuntu application apt-get service application-default
set rulebase security rules SERVERout-2012WAout action allow from LAN to External source 172.20.241.3 destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules SERVERout-2012WAout application web-browsing service application-default
set rulebase security rules SERVERout-2012WAout application ssl service application-default
set rulebase security rules SERVERout-2012WAout application git-base service application-default
set rulebase security rules SERVERout-2012WAout application ms-update service application-default
set rulebase security rules SERVERout-2012WAout application github service application-default
set rulebase security rules SERVERout-2008AD action allow from LAN to External source 172.20.241.27 destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules SERVERout-2008AD application ssl service application-default
set rulebase security rules SERVERout-2008AD application ms-update service application-default
set rulebase security rules SERVERout-2008AD application dns service application-default
set rulebase security rules SERVERout-2008AD application web-browsing service application-default
set rulebase security rules SERVERout-Debian action allow from LAN to External source 172.20.241.39 destination any profile-setting profiles spyware strict virus default vulnerability strict
set rulebase security rules SERVERout-Debian application pop3 service application-default
set rulebase security rules SERVERout-Debian application imap service application-default
set rulebase security rules SERVERout-Debian application dns service application-default
set rulebase security rules SERVERout-Debian application ocsp service application-default
set rulebase security rules SERVERout-Debian application smtp service application-default
set rulebase security rules SERVERout-Debian application ssh service application-default
set rulebase security rules SERVERout-Debian application github service application-default
set rulebase security rules SERVERout-Debian application git-base service application-default
set rulebase security rules SERVERout-Debian application ssl service application-default
set rulebase security rules SERVERout-Debian application subversion service application-default
set rulebase security rules SERVERout-Debian application sourceforge service application-default
set rulebase security rules SERVERout-Debian application apt-get service application-default
set rulebase security rules SERVERout-Debian application web-browsing service application-default
set rulebase security rules INTERZONELAN action allow from LAN to LAN source any destination any
set rulebase security rules INTERZONELAN application any service any
set rulebase security rules INTERZONEDMZ action allow from DMZ to DMZ source any destination any
set rulebase security rules INTERZONEDMZ application any service any
set rulebase security rules DENYALLEXTERNAL action deny from External to any source any destination any
set rulebase security rules DENYALLEXTERNAL application any service any
set rulebase security rules DENYALL action deny from any to any source any destination any
set rulebase security rules DENYALL application any service any
commit